MCPcopy Index your code
hub / github.com/Steward-Fi/steward

github.com/Steward-Fi/steward @v0.4.5

Chat with this repo
repository ↗ · DeepWiki ↗ · release v0.4.5 ↗ · + Follow
1,931 symbols 5,032 edges 350 files 218 documented · 11%
What it actually does AI analysis from the code graph — generated when you open this
loading…
README

Steward

Auth + wallet infrastructure for autonomous agents. Open source. Self-hostable. Policy-enforced at the signing layer.

npm MIT License API Docs


The Problem

AI agents need wallet keys, API keys, database credentials. Today these live as plaintext environment variables, one prompt injection away from exfiltration. No spending controls, no audit trail, no kill switch.

Existing embedded-wallet platforms were built for consumer apps, not agents. They're closed source, can't be self-hosted, charge per-transaction fees, and have no concept of policy enforcement or autonomous operation.

The Solution

Steward sits between agents and everything they access. Four pillars:

  1. Vault — AES-256-GCM encrypted keys. EVM (7 chains) + Solana. Keys never exist in plaintext outside a signing operation.
  2. Policy Engine — 6 composable rule types evaluated before every action. Spending limits, rate limits, address whitelists, time windows, auto-approve thresholds.
  3. Auth — Passkeys, email magic links, SIWE, Google/Discord OAuth. JWT sessions with refresh token rotation.
  4. Proxy Gateway — Credential injection for any third-party API. Agents never see raw keys. Full audit trail.

Architecture

Agent / App              Steward                        External
┌─────────────┐    ┌──────────────────────┐    ┌──────────────────┐
│ STEWARD_URL │───>│ Auth (JWT/passkey)   │    │ Chains (EVM/Sol) │
│ STEWARD_JWT │    │ Policy Engine        │───>│ OpenAI/Anthropic  │
│             │    │ Wallet Vault         │    │ Any API           │
│ No API keys │    │ Secret Vault         │    └──────────────────┘
│ No priv keys│    │ Proxy Gateway        │
└─────────────┘    │ Audit Log            │
                   └──────────────────────┘

Quick Start

npm install @stwd/sdk
import { StewardClient } from "@stwd/sdk";

const steward = new StewardClient({
  baseUrl: "https://api.steward.fi",
  apiKey: "stw_your_tenant_key",
  tenantId: "my-app",
});

// Create an agent with EVM + Solana wallets
const agent = await steward.createWallet("trading-bot", "Trading Bot");
console.log(agent.walletAddresses); // { evm: "0x...", solana: "..." }

// Sign a transaction (policy-enforced)
const result = await steward.signTransaction("trading-bot", {
  to: "0xRecipient",
  value: "10000000000000000", // 0.01 ETH
  chainId: 8453, // Base
});

See the full Quickstart Guide for auth setup and policies. See the Deployment Guide for self-hosting.


Auth Widget

Drop-in React components for login and wallet management:

npm install @stwd/react @stwd/sdk
import { StewardProvider, StewardLogin, StewardAuthGuard } from "@stwd/react";
import "@stwd/react/styles.css";

function App() {
  return (
    <StewardProvider
      client={stewardClient}
      auth={{ baseUrl: "https://api.steward.fi" }}
    >
      <StewardAuthGuard fallback={<StewardLogin methods={["passkey", "email", "google"]} />}>
        <Dashboard />
      </StewardAuthGuard>
    </StewardProvider>
  );
}

Components: StewardLogin, StewardAuthGuard, StewardUserButton, StewardTenantPicker, WalletOverview, PolicyControls, ApprovalQueue, SpendDashboard, TransactionHistory.


Packages

Package Version Description
@stwd/sdk npm TypeScript client for browser + Node. Zero deps.
@stwd/react npm Drop-in React components: login, wallet, policies, approvals.
@stwd/eliza-plugin npm ElizaOS integration: sign, transfer, balance, approval evaluator.
@stwd/api Hono REST API. 30+ endpoints, multi-tenant, dual auth.
@stwd/vault Wallet + secret encryption. AES-256-GCM, EVM + Solana.
@stwd/policy-engine Composable policy evaluation. 6 rule types, 1000+ lines of tests.
@stwd/proxy API proxy with credential injection, alias system, audit trail.
@stwd/auth Passkeys (WebAuthn), email magic links, SIWE, OAuth.
@stwd/webhooks HMAC-signed event delivery with retries.
@stwd/db Drizzle ORM schema, migrations, PGLite adapter.
@stwd/shared Types, chain metadata, constants.

Self-Hosting

Steward runs anywhere. Two options:

Docker (recommended for production):

git clone https://github.com/Steward-Fi/steward.git && cd steward
cp .env.example .env
# Set STEWARD_MASTER_PASSWORD, POSTGRES_PASSWORD, STEWARD_PLATFORM_KEYS,
# STEWARD_SESSION_SECRET, and STEWARD_JWT_SECRET in .env
docker compose up -d
curl http://127.0.0.1:3200/ready

This starts the API (:3200), proxy (:8080), Postgres, and Redis. API migrations run automatically on startup unless SKIP_MIGRATIONS is set.

Embedded mode (no third-party dependencies):

bun run start:local

Uses PGLite (in-process Postgres via WASM). Data persists to ~/.steward/data/. Good for local development, CLI agents, and desktop apps.

Required env vars:

Variable Description
STEWARD_MASTER_PASSWORD Derives all vault encryption keys. No recovery if lost.
DATABASE_URL Postgres connection string (not needed in embedded mode)
STEWARD_SESSION_SECRET JWT signing secret (defaults to master password)
REDIS_URL Redis for rate limiting + token store (optional)
RESEND_API_KEY For email magic link auth (optional)
PASSKEY_RP_ID WebAuthn relying party domain (optional)
GOOGLE_CLIENT_ID / GOOGLE_CLIENT_SECRET Google OAuth (optional)
DISCORD_CLIENT_ID / DISCORD_CLIENT_SECRET Discord OAuth (optional)

Full list in .env.example. See Deployment Guide for production setup.


Features

  • [x] Vault: AES-256-GCM encrypted wallets, EVM (7 chains) + Solana
  • [x] Policy Engine: 6 composable types (spending-limit, approved-addresses, rate-limit, time-window, auto-approve-threshold, allowed-chains)
  • [x] Auth: Passkeys (WebAuthn), email magic links, SIWE, Google OAuth, Discord OAuth
  • [x] JWT Sessions: Access + refresh token rotation, revoke single/all sessions
  • [x] Cross-Tenant Identity: One user, one wallet, multiple apps
  • [x] Multi-Tenant API: Full tenant isolation at middleware + DB level
  • [x] Proxy Gateway: Credential injection, alias system, spend tracking, audit trail
  • [x] React Components: Login widget, wallet overview, policy controls, approval queue
  • [x] TypeScript SDK: Typed client, browser + Node, all wallet/policy/auth ops
  • [x] ElizaOS Plugin: Sign, transfer, balance, approval evaluator
  • [x] Embedded Mode: PGLite, zero third-party dependencies, same API surface
  • [x] Docker: Multi-stage Dockerfile, docker-compose with Postgres + Redis
  • [x] Webhooks: HMAC-signed events (tx.signed, tx.pending, policy.violation, etc.)
  • [x] Per-Tenant CORS: Configurable allowed origins per tenant

What Steward Offers

  • Open Source — MIT licensed, full source available.
  • Self-Hostable — Docker, embedded PGLite, or hosted.
  • Full Auth Surface — Passkey / email / SIWE / OAuth.
  • Policy Enforcement at the Vault Layer — 6 composable rule types evaluated before any signature is produced; compromised app code cannot bypass.
  • Agent-Native — Built from day one for autonomous operation: approval queues, audit log, kill-switch.
  • Credential Proxy — Inject keys for any third-party API; agents never see raw secrets.

Supported Chains

Ethereum · Base · Polygon · Arbitrum · BSC · Base Sepolia · BSC Testnet · Solana


Building With

ElizaOS · Milady · Babylon · Hyperscape · Strata Reserve


Contributing

See CONTRIBUTING.md for development setup, coding standards, and PR guidelines.

Links

License

MIT

Extension points exported contracts — how you extend this code

StoreBackend (Interface)
(no doc) [8 implementers]
packages/auth/src/store-backends.ts
Strategy (Interface)
(no doc) [7 implementers]
packages/agent-trader/src/strategies/types.ts
SessionStorage (Interface)
(no doc) [4 implementers]
packages/sdk/src/auth-types.ts
TradeSessionRedisLike (Interface)
(no doc) [2 implementers]
packages/trade-sessions/src/index.ts
IoredisPipelineLike (Interface)
(no doc) [2 implementers]
packages/redis/src/upstash-adapter.ts
KeystoreBackend (Interface)
(no doc) [1 implementers]
packages/vault/src/keystore-backend.ts
VaultClient (Interface)
(no doc) [1 implementers]
packages/venue-hyperliquid/src/index.ts
OAuthTokenEncrypter (Interface)
(no doc) [1 implementers]
packages/db/src/oauth-token-encryption.ts

Core symbols most depended-on inside this repo

get
called by 316
packages/auth/src/lockout.ts
hoursAgo
called by 186
packages/seed/src/index.ts
getDb
called by 174
packages/db/src/client.ts
set
called by 166
packages/auth/src/lockout.ts
fetch
called by 145
packages/api/src/worker.ts
delete
called by 123
packages/auth/src/lockout.ts
push
called by 99
packages/auth/src/sms-provider.ts
on
called by 67
packages/agent-trader/src/webhook.ts

Shape

Function 1,024
Method 393
Interface 370
Class 144

Languages

TypeScript100%

Modules by API surface

packages/sdk/src/client.ts81 symbols
packages/redis/src/upstash-adapter.ts62 symbols
packages/api/src/routes/auth.ts57 symbols
packages/sdk/src/auth.ts50 symbols
packages/sdk/src/types.ts46 symbols
packages/shared/src/index.ts44 symbols
packages/venue-hyperliquid/src/index.ts39 symbols
packages/trade-sessions/src/index.ts34 symbols
packages/react/src/types/wallet-shims.d.ts33 symbols
packages/auth/src/store-backends.ts33 symbols
packages/react/src/types.ts29 symbols
packages/api/src/services/context.ts27 symbols

Datastores touched

stewardDatabase · 1 repos
dbDatabase · 1 repos
dbnameDatabase · 1 repos
steward_testDatabase · 1 repos

For agents

$ claude mcp add steward \
  -- python -m otcore.mcp_server <graph>

⬇ download graph artifact

Ask about this repo answers extend the page